Conventional network information security systems allowed access to sensitive information, for example via a password, without anyone in the organization knowing what information was being accessed by an application or how the information was accessed. Some traditional information security systems generated and maintained user logs. However, such systems do not provide for easily determining what information was accessed, who accessed it and what functions were perform with the information, without burdening the system with applications running on an application layer. In addition, such systems do not provide for monitoring predetermined actions taken at the application level, which may be a cause for concern in terms of data security or performing prohibited and/or illegal actions.
Embodiments of the present invention address at least the above-noted drawbacks associated with traditional information security systems.